summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSerghei Mihai <smihai@entrouvert.com>2015-03-25 23:50:58 (GMT)
committerSerghei Mihai <smihai@entrouvert.com>2015-03-25 23:50:58 (GMT)
commita7ef52150ab62d9b5cbdb9f8ee40c11e01e52b68 (patch)
tree91179803f4d3527a1798ee8f038b496617b8c58f
parentc1bcb3b68ace0105a0d422d206138774d2669b7e (diff)
downloadu-auth-a7ef52150ab62d9b5cbdb9f8ee40c11e01e52b68.zip
u-auth-a7ef52150ab62d9b5cbdb9f8ee40c11e01e52b68.tar.gz
u-auth-a7ef52150ab62d9b5cbdb9f8ee40c11e01e52b68.tar.bz2
documentation sources
-rw-r--r--doc/Makefile36
-rw-r--r--doc/configuration-pfsense.md110
-rw-r--r--doc/fonts/Cantarell-Bold.otfbin0 -> 51840 bytes
-rw-r--r--doc/fonts/Cantarell-Regular.otfbin0 -> 47828 bytes
-rw-r--r--doc/fonts/Museo500-Regular.otfbin0 -> 128172 bytes
-rw-r--r--doc/fonts/Museo_Slab.otfbin0 -> 62180 bytes
-rw-r--r--doc/images/idp_psl_dev.pngbin0 -> 101997 bytes
-rw-r--r--doc/images/idp_test_renater.pngbin0 -> 44701 bytes
-rw-r--r--doc/images/pfsense_activate_zone.pngbin0 -> 55220 bytes
-rw-r--r--doc/images/pfsense_add_host.pngbin0 -> 77718 bytes
-rw-r--r--doc/images/pfsense_allowed_ips.pngbin0 -> 65554 bytes
-rw-r--r--doc/images/pfsense_config_redirect_url.pngbin0 -> 58014 bytes
-rw-r--r--doc/images/pfsense_dashboard.pngbin0 -> 121281 bytes
-rw-r--r--doc/images/pfsense_disable_https_forwards.pngbin0 -> 51965 bytes
-rw-r--r--doc/images/pfsense_dns_resolver.pngbin0 -> 97254 bytes
-rw-r--r--doc/images/pfsense_home.pngbin0 -> 176870 bytes
-rw-r--r--doc/images/pfsense_new_zone.pngbin0 -> 46352 bytes
-rw-r--r--doc/images/pfsense_portal_page.pngbin0 -> 67174 bytes
-rw-r--r--doc/images/pfsense_radius_config.pngbin0 -> 68913 bytes
-rw-r--r--doc/images/pfsense_server_name.pngbin0 -> 50277 bytes
-rw-r--r--doc/images/pfsense_test_login1.pngbin0 -> 105967 bytes
-rw-r--r--doc/images/pfsense_test_redirect.pngbin0 -> 38404 bytes
-rw-r--r--doc/images/uauth.pngbin0 -> 117752 bytes
-rw-r--r--doc/index.html.build33
-rw-r--r--doc/pandoc.css128
25 files changed, 307 insertions, 0 deletions
diff --git a/doc/Makefile b/doc/Makefile
new file mode 100644
index 0000000..38d841c
--- /dev/null
+++ b/doc/Makefile
@@ -0,0 +1,36 @@
+PANDOC=pandoc
+PANDOCFLAGS=--standalone --smart --toc --number-sections --latex-engine=xelatex --variable geometry=margin=3cm --variable lang=french --variable mainfont=Cantarell --variable fontsize=12pt -c pandoc.css
+SRCS=$(wildcard *.md)
+IMAGES=$(wildcard images/*.png)
+PDFS=$(SRCS:%.md=%.pdf)
+HTMLS=$(SRCS:%.md=%.html)
+TEXS=$(SRCS:%.md=%.tex)
+ALL=$(PDFS) $(HTMLS) index.html
+
+all: $(ALL)
+
+index.html: $(SRCS) index.html.build
+ echo $(IMAGES)
+ sh ./index.html.build > index.html
+
+%.pdf: %.md $(IMAGES) Makefile
+ $(PANDOC) $(PANDOCFLAGS) $< -o $@
+
+%.tex: %.md
+ $(PANDOC) $(PANDOCFLAGS) $< -o $@
+
+%.html: %.md
+ $(PANDOC) $(PANDOCFLAGS) $< -o $@
+
+%.txt: %.md
+ $(PANDOC) $(PANDOCFLAGS) $< -o $@
+
+.PHONY:
+
+tex: $(TEXS)
+
+clean:
+ rm -f index.html $(PDFS) $(HTMLS) $(TEXS) $(SRCS:%.md=%.aux) $(SRCS:%.md=%.log) $(SRCS:%.md=%.out) $(SRCS:%.md=%.toc)
+
+publish: $(ALL)
+ rsync -av * doc.entrouvert.org:/var/vhosts/doc.entrouvert.org/web/supann/
diff --git a/doc/configuration-pfsense.md b/doc/configuration-pfsense.md
new file mode 100644
index 0000000..ccff6b1
--- /dev/null
+++ b/doc/configuration-pfsense.md
@@ -0,0 +1,110 @@
+% UAuth: Portail captif dans le Cloud
+% Configuration pfSense
+% Entr'ouvert SCOP -- http://www.entrouvert.com
+
+Ce document spécifie les étapes de configuration d'un portail captif pfSense
+pour son raccordement à la plateforme U-Auth.
+
+Configuration d'un portail captif pfSense
+=========================================
+
+Dans le menu __Services/Captive Portal__
+
+\ ![images/pfsense_home.png](images/pfsense_home.png)
+
+ajouter une nouvelle zone:
+
+\ ![images/pfsense_new_zone.png](images/pfsense_new_zone.png)
+
+
+Configurer la zone ainsi créée:
+
+1. activer la zone:
+
+\ ![images/pfsense_activate_zone.png](images/pfsense_activate_zone.png)
+
+
+2. configurer l'URL de redirection vers le page de connexion U-Auth:
+
+\ ![images/pfsense_config_redirect_url.png](images/pfsense_config_redirect_url.png)
+
+3. configurer l'authentification Radius:
+ * protocole d'authentification: PAP
+ * adresse IP du serveur U-Auth: 176.31.146.80
+ * secret partagé: testing123
+
+\ ![images/pfsense_radius_config.png](images/pfsense_radius_config.png)
+
+4. définir un nom local pour le portail captif:
+
+\ ![images/pfsense_server_name.png](images/pfsense_server_name.png)
+
+5. desactiver le HTTPS Forwards
+
+\ ![images/pfsense_disable_https_forwards.png](images/pfsense_disable_https_forwards.png)
+
+6. personnaliser la page d'authentification du portail captif en chargeant un fichier html contenant obligatoirement la variable `$PORTAL_REDIRURL$`:
+
+\ ![images/pfsense_portal_page.png](images/pfsense_portal_page.png)
+
+Example de fichier:
+
+```html
+<html>
+ <head>
+ <title>You are being redirected to authentication page</title>
+ </head>
+ <body>
+ <h3>You are being redirected to authentication page</h3>
+ <p>If you are not redirected, please
+ <a id="redirect" href="$PORTAL_REDIRURL$">click here</a></p>
+ <script type="text/javascript">
+ var redir = document.getElementById('redirect');
+ redir.href += window.location.search;
+ window.location.href="$PORTAL_REDIRURL$" + window.location.search;
+ </script>
+ </body>
+</html>
+```
+
+7. Autoriser le portail captif à acceder à U-Auth et les fournisseurs d'identité de la fédération:
+
+\ ![images/pfsense_allowed_ips.png](images/pfsense_allowed_ips.png)
+
+
+8. Dans le resolver DNS local rajouter le nom et l'adresse locale du portail captif:
+
+\ ![images/pfsense_dns_resolver.png](images/pfsense_dns_resolver.png)
+
+\ ![images/pfsense_add_host.png](images/pfsense_add_host.png)
+
+
+Test d'authentification
+=======================
+
+Depuis un poste interne au réseau du portail captif aller sur une page(par exemple http://perdu.com):
+
+\ ![images/pfsense_test_login1.png](images/pfsense_test_login1.png)
+
+La page personnalisée, rédirigeant vers U-Auth, sera affichée:
+
+\ ![images/pfsense_test_redirect.png](images/pfsense_test_redirect.png)
+
+Si l'accès à la plateforme U-Auth a été bien autorisée au niveau du portail captif, la page de votre organisme avec la liste des fournisseurs d'identité sera affichée:
+
+\ ![images/uauth.png](images/uauth.png)
+
+En choisisant un fournisseur d'identité, également autorisé au niveau du portail captif, la mire de connexion est affichée:
+
+\ ![images/idp_test_renater.png](images/idp_test_renater.png)
+
+\ ![/idp_psl_dev.png](images/idp_psl_dev.png)
+
+Une fois authentifié auprès du fournisseur d'identité l'utilisateur est autorisé au niveau du portail captif et est renvoyée vers la page demandée initiallement(dans cet exemple http://perdu.com)
+
+La session utilisateur sera visible dans le dashboard du portail captif:
+
+\ ![images/pfsense_dashboard.png](images/pfsense_dashboard.png)
+
+
+
diff --git a/doc/fonts/Cantarell-Bold.otf b/doc/fonts/Cantarell-Bold.otf
new file mode 100644
index 0000000..3fb64a8
--- /dev/null
+++ b/doc/fonts/Cantarell-Bold.otf
Binary files differ
diff --git a/doc/fonts/Cantarell-Regular.otf b/doc/fonts/Cantarell-Regular.otf
new file mode 100644
index 0000000..b28baa1
--- /dev/null
+++ b/doc/fonts/Cantarell-Regular.otf
Binary files differ
diff --git a/doc/fonts/Museo500-Regular.otf b/doc/fonts/Museo500-Regular.otf
new file mode 100644
index 0000000..da52e9c
--- /dev/null
+++ b/doc/fonts/Museo500-Regular.otf
Binary files differ
diff --git a/doc/fonts/Museo_Slab.otf b/doc/fonts/Museo_Slab.otf
new file mode 100644
index 0000000..84ceaca
--- /dev/null
+++ b/doc/fonts/Museo_Slab.otf
Binary files differ
diff --git a/doc/images/idp_psl_dev.png b/doc/images/idp_psl_dev.png
new file mode 100644
index 0000000..bce34d5
--- /dev/null
+++ b/doc/images/idp_psl_dev.png
Binary files differ
diff --git a/doc/images/idp_test_renater.png b/doc/images/idp_test_renater.png
new file mode 100644
index 0000000..5b7e7c4
--- /dev/null
+++ b/doc/images/idp_test_renater.png
Binary files differ
diff --git a/doc/images/pfsense_activate_zone.png b/doc/images/pfsense_activate_zone.png
new file mode 100644
index 0000000..151bd49
--- /dev/null
+++ b/doc/images/pfsense_activate_zone.png
Binary files differ
diff --git a/doc/images/pfsense_add_host.png b/doc/images/pfsense_add_host.png
new file mode 100644
index 0000000..3484b84
--- /dev/null
+++ b/doc/images/pfsense_add_host.png
Binary files differ
diff --git a/doc/images/pfsense_allowed_ips.png b/doc/images/pfsense_allowed_ips.png
new file mode 100644
index 0000000..5eda0fb
--- /dev/null
+++ b/doc/images/pfsense_allowed_ips.png
Binary files differ
diff --git a/doc/images/pfsense_config_redirect_url.png b/doc/images/pfsense_config_redirect_url.png
new file mode 100644
index 0000000..e13c88c
--- /dev/null
+++ b/doc/images/pfsense_config_redirect_url.png
Binary files differ
diff --git a/doc/images/pfsense_dashboard.png b/doc/images/pfsense_dashboard.png
new file mode 100644
index 0000000..0daa428
--- /dev/null
+++ b/doc/images/pfsense_dashboard.png
Binary files differ
diff --git a/doc/images/pfsense_disable_https_forwards.png b/doc/images/pfsense_disable_https_forwards.png
new file mode 100644
index 0000000..b082c2b
--- /dev/null
+++ b/doc/images/pfsense_disable_https_forwards.png
Binary files differ
diff --git a/doc/images/pfsense_dns_resolver.png b/doc/images/pfsense_dns_resolver.png
new file mode 100644
index 0000000..203aab8
--- /dev/null
+++ b/doc/images/pfsense_dns_resolver.png
Binary files differ
diff --git a/doc/images/pfsense_home.png b/doc/images/pfsense_home.png
new file mode 100644
index 0000000..161c796
--- /dev/null
+++ b/doc/images/pfsense_home.png
Binary files differ
diff --git a/doc/images/pfsense_new_zone.png b/doc/images/pfsense_new_zone.png
new file mode 100644
index 0000000..f29e0a9
--- /dev/null
+++ b/doc/images/pfsense_new_zone.png
Binary files differ
diff --git a/doc/images/pfsense_portal_page.png b/doc/images/pfsense_portal_page.png
new file mode 100644
index 0000000..ac71fff
--- /dev/null
+++ b/doc/images/pfsense_portal_page.png
Binary files differ
diff --git a/doc/images/pfsense_radius_config.png b/doc/images/pfsense_radius_config.png
new file mode 100644
index 0000000..53548d1
--- /dev/null
+++ b/doc/images/pfsense_radius_config.png
Binary files differ
diff --git a/doc/images/pfsense_server_name.png b/doc/images/pfsense_server_name.png
new file mode 100644
index 0000000..e75edb7
--- /dev/null
+++ b/doc/images/pfsense_server_name.png
Binary files differ
diff --git a/doc/images/pfsense_test_login1.png b/doc/images/pfsense_test_login1.png
new file mode 100644
index 0000000..c694272
--- /dev/null
+++ b/doc/images/pfsense_test_login1.png
Binary files differ
diff --git a/doc/images/pfsense_test_redirect.png b/doc/images/pfsense_test_redirect.png
new file mode 100644
index 0000000..55e1713
--- /dev/null
+++ b/doc/images/pfsense_test_redirect.png
Binary files differ
diff --git a/doc/images/uauth.png b/doc/images/uauth.png
new file mode 100644
index 0000000..0b5d27b
--- /dev/null
+++ b/doc/images/uauth.png
Binary files differ
diff --git a/doc/index.html.build b/doc/index.html.build
new file mode 100644
index 0000000..ac556a5
--- /dev/null
+++ b/doc/index.html.build
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+cat << EOT
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>Documentation</title>
+<link rel="stylesheet" type="text/css" media="all" href="http://www.entrouvert.com/static/eo/css/eo.css">
+<link rel="stylesheet" type="text/css" media="all" href="/skin/eo.css">
+<link rel="stylesheet" type="text/css" media="all" href="pandoc.css">
+</head>
+<body>
+<h1 id="logo">
+<a href="/"><img src="http://www.entrouvert.com/static/eo/img/logo.png" alt="Entr'ouvert"></a> Gestion d'identité SUPANN &mdash; Documentation</h1>
+<dl class="doc-index">
+EOT
+
+for MD in configuration-pfsense.md
+do
+ F=`basename $MD .md`
+ TITLE=`head -1 $F.md | sed 's/.*-- //'`
+cat << EOT
+<dt><a href="$F.html">$TITLE</a>
+ [<a href="$F.pdf">PDF</a>]</dt>
+<dd><p></p></dd>
+EOT
+done
+
+cat << EOT
+</body>
+</html>
+EOT
diff --git a/doc/pandoc.css b/doc/pandoc.css
new file mode 100644
index 0000000..eed1da8
--- /dev/null
+++ b/doc/pandoc.css
@@ -0,0 +1,128 @@
+@font-face {
+ font-family: 'Museo500';
+ src: url(fonts/Museo500-Regular.otf);
+ font-weight: normal;
+ font-style: normal;
+}
+
+@font-face {
+ font-family: 'MuseoSlab';
+ src: url(fonts/Museo_Slab.otf);
+ font-weight: normal;
+ font-style: normal;
+}
+
+@font-face {
+ font-family: 'Cantarell';
+ src: local('Cantarell'), local('Cantarell Regular'),
+ url(fonts/Cantarell-Regular.otf);
+}
+
+@font-face {
+ font-family: 'Cantarell';
+ font-weight: bold;
+ src: local('Cantarell'), local('Cantarell Bold'), local('Cantarell-Bold'),
+ url(fonts/Cantarell-Bold.otf);
+}
+
+body {
+ margin: auto;
+ padding-right: 1em;
+ padding-left: 1em;
+ max-width: 60em;
+ /* border-left: 1px solid black;
+ border-right: 1px solid black; */
+ color: black;
+ line-height: 140%;
+ color: #000;
+ font-family: Cantarell, Roboto, 'Droid Sans', Ubuntu, 'DejaVu Sans', Arial, sans-serif;
+}
+
+h1, h2, h3, h4 {
+ font-family: 'Museo500', 'Roboto';
+}
+
+pre {
+ border: 1px dotted gray;
+ background-color: #ececec;
+ color: #000;
+ padding: 0.5em;
+}
+code {
+ font-family: monospace;
+}
+h1 a, h2 a, h3 a, h4 a, h5 a {
+ text-decoration: none;
+ color: #000;
+}
+h1, h2, h3, h4, h5 {
+ color: #000;
+}
+h1 {
+ padding-top: 1em;
+ margin-top: 4em;
+ border-top: 2px solid black;
+ font-size: 200%;
+}
+
+h2 {
+/* border-bottom: 1px dotted black; */
+ font-size: 150%;
+ padding-top: 1em;
+}
+
+h3 {
+ font-size: 120%;
+}
+
+h4 {
+ font-size: 90%;
+ font-style: italic;
+}
+
+h5 {
+ font-size: 90%;
+ font-style: italic;
+}
+
+h1.title {
+ font-size: 200%;
+ font-weight: bold;
+ padding-top: 0.2em;
+ padding-bottom: 0.2em;
+ text-align: left;
+ border: none;
+}
+
+h2.author {
+ text-align: right;
+}
+
+div#TOC {
+ padding: 20px;
+ background: #ccc;
+}
+
+dt code {
+ font-weight: bold;
+}
+dd p {
+ margin-top: 0;
+}
+
+#footer {
+ padding-top: 1em;
+ font-size: 70%;
+ color: gray;
+ text-align: center;
+}
+div.figure {
+ padding-top: 1em;
+ padding-bottom: 1em;
+ border: 1px solid black;
+ text-align: center;
+}
+p.caption {
+ font-size: 80%;
+ font-style: italic;
+}